Cyber criminals using coronavirus fears to target victims online
16 March 2020, 08:05
Criminals are using people's fears over the coronavirus crisis to target victims online, cyber security experts have warned.
The National Cyber Security Centre (NCSC) said "opportunistic" online crooks are using the deadly outbreak to launch attacks.
Clicking on links in bogus emails which say they have important updates about Covid-19 has led to devices being infected.
These "phishing" attempts can lead to victims being left out of pocket or stripped of sensitive data.
The NCSC is urging the public and businesses to seek out its advice on how to spot and deal with suspicious emails.
It also has guidance on how people can try to defend themselves against online attacks.
It notes that British-based victims have been targeted by coronavirus-themed phishing emails with infected attachments containing fictitious "safety measures".
The NCSC said it is also highly likely that the volume of attacks will rise as the outbreak worsens.
NCSC operations director Paul Chichester said: "We know that cyber criminals are opportunistic and will look to exploit people's fears, and this has undoubtedly been the case with the coronavirus outbreak.
"Our advice to the public is to follow our guidance, which includes everything from password advice to spotting suspect emails.
"In the event that someone does fall victim to a phishing attempt, they should look to report this to Action Fraud as soon as possible."
A rise in the registration of web pages relating to coronavirus may mean that cyber criminals are looking to take advantage of the pandemic, according to the NCSC.
Bitcoin, ransomware, credential theft and fraud have all been used by cyber criminals.
The awareness alert comes after the World Health Organisation warned that fake emails had been sent by criminals posing as the WHO in February.
These criminals were trying to steal money and sensitive information, the WHO said.
In recent months cyber criminals have also impersonated the US Centres for Disease Control and Prevention, creating domain names similar to the official web address to request passwords and even bitcoin donations to fund a fake vaccine.
